Política de Privacidade

O que coletamos, por quê, e seus direitos sobre isso.

Versão 2026-07-04 · Última atualização 2026-07-04

Este documento está disponível apenas em inglês por enquanto.

This Privacy Policy explains what personal data Spotlite processes, why, who we share it with, and the choices you have. It applies to the Spotlite Discord application (“the Bot”) and the Spotlite website at spotliteme.io (“the Hub”, and together with the Bot, “the Service”). It should be read alongside our Terms of Service.

Who is responsible for your data. Spotlite (the “Operator”, “we”, “us”) is responsible for the personal data described here. You can reach us about any privacy matter at [email protected].

1. Our approach: we store very little

Spotlite is built to collect and keep as little personal data as possible. We do not store your name or email address, we do not store payment-card numbers, we do not store IP addresses in our database, we run no analytics or tracking, and the Hub website sets no cookies. This policy explains exactly what we do process, and why.

2. The data we process

2.1 Your identifier

Spotlite identifies you by your Discord user ID (a numeric identifier assigned by Discord). We do not store your real name, your email address, or your Discord username — where a username is shown in moderation tools, it is fetched live from Discord and not saved by us. Under data-protection law a Discord ID is still an online identifier, so we treat it as personal data.

2.2 What we store about you

Depending on how you use Spotlite, we may hold:

2.3 If you administer a community

For server administrators we also process server-level details: your server’s Stripe connected- account reference, subscription and billing references, your Hub invite link, and snapshots of your server’s public information such as its name, icon, and member count.

2.4 Content you write or upload

Fields you write or upload — promotion text, report reasons, community descriptions, and uploaded images — may contain personal data if you choose to include it. Please do not put sensitive personal information into these fields. Images you upload as part of a promotion are stored in a publicly accessible location and are served publicly while the promotion is live, including on the Hub.

2.5 Technical data

Our hosting and infrastructure providers process IP addresses in standard server request logs, and we use IP-based rate-limiting to prevent abuse. We do not persist IP addresses or device information in our own database.

3. What we deliberately do not collect

4. Why we process your data

We rely on the following legal grounds, depending on the activity: performing our agreement with you (for bookings, payments, and providing the service); our legitimate interests (in preventing fraud and abuse, moderating content, keeping the service secure, and proving agreement to our Terms); and, where it applies, your consent.

5. Who we share your data with

We use a small set of trusted providers, each handling only what is needed:

We do not sell your data, and we do not share it with advertising networks.

6. How long we keep your data, and how to delete it

If a community removes the Bot, nearly all data tied to that server is deleted automatically — including promotions, payments, bids, likes, reports, and saved cards — except your global language preference. Records that are not tied to a single server also remain: your terms-acceptance records (kept as proof of agreement) and any platform-level moderation records described in Section 2.2.

Uploaded images are deleted automatically when a promotion’s slot window ends.

You can erase your own data with /spotlite forget-me. You can run this command in any server where the Bot is present. After a confirmation step, it globally deletes your saved-card references (and the associated Stripe customer) and your language preference.

For safety reasons, /spotlite forget-me preserves anti-abuse and reputation signals and any platform-ban record. When these are preserved, your Discord identifier within them is replaced with a one-way cryptographic token, so the safety signal survives without our continuing to hold your raw Discord ID against it. We rely on our legitimate interest in preventing fraud and abuse for this, and we do not claim that it constitutes complete erasure while we retain the ability to match the token.

Promotions you created, payments, bids, likes, and reports are also retained as transaction and moderation records. If you want data in this category erased, contact us at [email protected] and we will weigh your request against our record-keeping and anti-abuse obligations.

7. Cookies and website storage

The Spotlite Hub is designed to be privacy-respecting:

Because we set no cookies, run no tracking, and load third-party media only when you choose to, we do not use a cookie-consent banner; the single functional storage item records the result of an action you took yourself.

8. Your rights

Subject to applicable law, including the GDPR for users in the EU and EEA, you may have the right to access, correct, delete, restrict, or object to the processing of your personal data, to data portability, and to withdraw consent where we rely on it. You can exercise much of this yourself using /spotlite forget-me, or by contacting us at [email protected]. You also have the right to lodge a complaint with your local data-protection supervisory authority.

9. Children

Spotlite is not directed to children. You must meet the age requirement set out in our Terms of Service, and Discord’s own minimum age, to use Spotlite. We do not knowingly process data from anyone below the required age.

10. Changes to this policy

We may update this policy from time to time. We will change the “last updated” date above and, for material changes, make reasonable efforts to notify users.

11. Contact

For any privacy question or request, contact us at [email protected].


Spotlite is currently in a pre-launch / testing phase. This policy may be updated as the service develops.